2 min read

Google gives away 10,000 free security keys to high-risk users

Graham CLULEY

October 12, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Google gives away 10,000 free security keys to high-risk users

10,000 high-risk users are being provided with free hardware security keys by Google, with the aim of better protecting their accounts from hackers.

Google says it is sending out the free Titan two-factor authentication (2FA) security keys - that provide a phishing-resistant layer of protection - to groups such as politicians, journalists, and human rights activists, who are considered to be particularly at risk from state-sponsored attackers.

Users who enable Google Advanced Protection (APP) and use a hardware security key, will need both their password and the physical key to log into their account. Meanwhile, existing Google authentication services which are less secure than a hardware key will no longer work.

Google's announcement comes in the wake of the technology giant displaying alerts to approximately 14,000 users that their accounts had been targeted by Russia-backed hackers.

Shane Huntley, director of Google's Threat Analysis Group (TAG), confirmed on Twitter that the hacking group which prompted the large number of alerts was APT28 (also known as Fancy Bear), which has been behind a spate of high profile attacks in recent years.

Perhaps most infamously, APT28 was responsible for hacking into Hillary Clinton's presidential campaign and the DNC.

Huntley explained to high-risk users that it was inevitable someone would attempt to compromise their account at some point.

In a tweet, Huntley posted:

"If you are an activist/journalist/government official or work in NatSec, this warning honestly shouldn't be a surprise. At some point some govt backed entity probably will try to send you something."

Google says that it blocked all of the malicious emails in the latest attack, but because it believed users had been targeted by a government-backed gang it warned them of the attempted hack.

The message from Google is clear: hackers backed by the Russian government have stepped up their attacks and are not afraid of targeting a large number of potential victims at once.  Even though Google has seemingly done a good job so far at intercepting the attacks, users should still be on their guard.

And for high-risk users, raised awareness, patching, and adoption of a hardware based 2FA solution such as a security key is a sensible step towards significantly strengthening defenses.

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Bank Indonesia Confirms Conti Ransomware Attack; Stolen Files Leaked Bank Indonesia Confirms Conti Ransomware Attack; Stolen Files Leaked
Vlad CONSTANTINESCU

January 21, 2022

1 min read
Crypto.com Confirms $34 Million Hack Compromised 483 User Accounts Crypto.com Confirms $34 Million Hack Compromised 483 User Accounts
Vlad CONSTANTINESCU

January 21, 2022

1 min read
Moncler Confirms Data Breach After Ransomware Gang Advertises ‘Rich Customer’ Data on Leak Website Moncler Confirms Data Breach After Ransomware Gang Advertises ‘Rich Customer’ Data on Leak Website
Alina BÎZGĂ

January 19, 2022

2 min read